Dynamic interface for mobile devices

ABSTRACT

A method of enforcing security and confidentiality on a communications device using a dynamic interface application comprises a first external device receiving a first message from a second external device indicating that the security of the communications device has been compromised, and the first external device authenticating the first message and processing the instructions contained in the first message to safeguard content marked confidential. The method also comprises the first external device sending a second message to a device security component executing on the communications device, the second message containing instructions to render inaccessible tiles marked confidential by one of deleting and temporarily disabling access to marked tiles, and disable selected functionality of the dynamic interface application and underlying communications functionality of the communications device until receiving further instruction. The method also comprises the device security component carrying out the instructions contained in the second message.

CROSS-REFERENCE TO RELATED APPLICATIONS

None.

STATEMENT REGARDING FEDERALLY SPONSORED RESEARCH OR DEVELOPMENT

Not applicable.

REFERENCE TO A MICROFICHE APPENDIX

Not applicable.

BACKGROUND

Mobile electronic devices, for example mobile phones, personal digitalassistants, media players, and other devices, may have limited and/orrestrictive interfaces. These limitations may comprise small visualdisplays and/or limited keyboards/keypads. These limitations may result,at least in part, from the small form factors of mobile electronicdevices and/or the relatively low price point of mobile electronicdevices. With the advancing technologies of mobile communications, thefeatures and services available to mobile electronic devices haveincreased in sophistication as well as numbers. Some mobile electronicdevices provide access to the Internet, for example through emailapplications and/or web browser applications. Some applications and/orsoftware widgets that execute on mobile devices may featurefunctionality that periodically refreshes information presented on theelectronic device without any user action. At the same time, many mobileelectronic devices may lack some or all of the hardware capabilitiesthat promote accessing some of these network-based applications and/orwidgets.

SUMMARY

In an embodiment, a communications device dynamic interface system isprovided. The system comprises an at least one communications device anda dynamic interface application, that when executed on the at least onecommunications device, arranges a plurality of selectable, viewablepanes in a virtual carousel format. The system also displays at leastone of data and interactive content within the panes, the data andinteractive content received from external sources. The system alsochanges the viewing sequence of the panes on demand and places lessfrequently viewed panes in a background area of the interface. Thesystem also archives panes not viewed for a predetermined period of timeand deletes panes not viewed for a predetermined period of time.

In another embodiment, a method of refreshing a dynamic user interfaceis provided. The method comprises receiving a first transmission ofelectronic media, determining that at least some of the electronic mediais displayable in a pane in the dynamic user interface, and insertingthe electronic media into the pane. The method also comprises receivinga second transmission of electronic media and determining that theelectronic media received in the second transmission is to be associatedwith the pane and into which the electronic media received in the firsttransmission was associated. The method also comprises inserting theelectronic media received in the second transmission into the pane intowhich the electronic media received in the first transmission wasinserted. The method also comprises one of continuing to display and notcontinuing to display the electronic media received in the firsttransmission wherein panes are one of associated with a non-recurringevent and not associated with a non-recurring event and the panesassociated with the non-recurring event terminate at the conclusion ofthe event and wherein at least some of the panes are seasonal and appearin the dynamic interface during specific periods of one of a year,month, week, and other periods of time.

In another embodiment, a method of enforcing security andconfidentiality on a communications device using a dynamic interfaceapplication is provided. The method comprises receiving a first messageindicating that the security of the communications device has beencompromised, authenticating the first message, and processing theinstructions contained in the first message to safeguard content markedconfidential, the content associated with panes of the dynamic interfaceapplication. The method also comprises rendering inaccessible panesmarked confidential by one of deleting and temporarily disabling accessto marked panes and disabling selected functionality of the dynamicinterface application and underlying communications functionality of thecommunications device until receiving further instruction. The methodalso comprises receiving a second message indicating that the securityof the communications device is no longer compromised and enablingpreviously disabled functionality and restoring previously disabledpanes pursuant to instructions contained in the second message.

These and other features will be more clearly understood from thefollowing detailed description taken in conjunction with theaccompanying drawings and claims.

BRIEF DESCRIPTION OF THE DRAWINGS

For a more complete understanding of the present disclosure, referenceis now made to the following brief description, taken in connection withthe accompanying drawings and detailed description, wherein likereference numerals represent like parts.

FIG. 1 is a block diagram of a system according to an embodiment of thedisclosure.

FIG. 2 is a flow chart illustrating a method according to an embodimentof the disclosure.

FIG. 3 is a flow chart illustrating another method according to anembodiment of the disclosure.

FIG. 4 is an illustration of a mobile device according to an embodimentof the disclosure.

FIG. 5 is a block diagram of a mobile device according to an embodimentof the disclosure.

FIG. 6 is a block diagram of a software configuration for a mobiledevice according to an embodiment of the disclosure.

FIG. 7 illustrates an exemplary general purpose computer system suitablefor implementing the several embodiments of the disclosure.

DETAILED DESCRIPTION

It should be understood at the outset that although illustrativeimplementations of one or more embodiments are illustrated below, thedisclosed systems and methods may be implemented using any number oftechniques, whether currently known or in existence. The disclosureshould in no way be limited to the illustrative implementations,drawings, and techniques illustrated below, but may be modified withinthe scope of the appended claims along with their full scope ofequivalents.

Several embodiments of a dynamic interface for mobile devices aredisclosed that promote a more dynamic interaction and richer overallexperience for mobile device users. Mobile device interfaces maycomprise a large number of controls, for example tiles associated withapplications, web pages, and widgets. Some of the controls may be usedonly rarely or only during specific periods of time. The dynamicinterface provides methods for managing these controls to increase theconvenience and usability of the interface of the mobile devices.

In an embodiment, the dynamic interface may be based on a virtualcarousel presentation, where controls are disposed in the viewablescreen, to the right of the viewable screen, and to the left of theviewable screen. By scrolling to the right, controls that are to theright of the viewable screen come into view while other controls go offscreen to the left. By scrolling to the left, controls that are to theleft of the viewable screen come into view while other controls go offscreen to the right. This kind of interface can be conceptualized as avirtual carousel that contains all of the controls. In otherembodiments, however, a virtual carousel may not be used and anotherkind of interface may be employed.

In an embodiment, the interface controls may comprise tiles as well asother conventional controls such as buttons, drop-down menus, and otherknown controls. The tiles contain actively running applicationsdisplaying viewable data and/or interactive content selected by theviewer. The data or interactive content may be dynamically refreshedwithout action by the user or changed at the user's discretion. The userdecides on the specific content to be displayed in each tile, the orderof the tiles in the virtual carousel, and how long a tile is to remainin the carousel. The system allows a user to create and download tilesfor a single or short term use. The system allows tiles to be seasonal,such that they are actively displayed in the carousel during certaintimes of the year. The system allows tiles to be linked to specificevents with the system periodically updating information displayed inthe tile or tiles as the event progresses with the tile(s) deleted atthe conclusion of the event.

Tiles that are frequently viewed may be grouped toward the front of thevirtual carousel and/or nearer the in-view controls of the interface.Tiles that are not accessed for an extended period of time may migratetoward the back of the virtual carousel and/or further from the in-viewcontrols of the interface. Tiles that are not accessed for a predefinedperiod of time may be archived or deleted. The user may scroll right andleft through the tiles as they appear in the order chosen by the userand may skip over tiles. In an embodiment, scrolling continuously rightor left through the series of chosen tiles eventually brings the userback to the user's starting tile. The tiles may be scrolled throughhorizontally with the most frequently used tiles remaining together anddisplayed near the front of the virtual carousel. The user has theoption to create and add new tiles, delete existing tiles, and changethe duration that one or more tiles remain actively in the virtualcarousel.

While some of the tiles in the dynamic interface may have traditionalfunctionality found in mobile telephones, such as storing contactinformation, electronic mail processing, and text messaging, the dynamicinterface provides the opportunity to create customized, personalizedtiles that display and refresh electronic content chosen by the user.The electronic content may be delivered to the mobile device by aservice provider using the really simple syndication (RSS) or other datafeed format used to publish frequently updated content. The tiles arepopulated with this information automatically and without user action.Tiles are constructed according to their specific utility such that atile that displays stock market activity might update itself everyminute, a tile displaying sports scores might update every ten minutes,and a tile displaying weather might update every twenty minutes.

In addition to allowing the user to designate one or more tiles for asingle use, a specific non-recurring event, and for seasonal use, thedynamic interface permits the user to create profiles such that one setof tiles appears in the dynamic interface during the workday and asecond set of tiles appears in the evening. A similar arrangement may beused to organize a user's dynamic interface in one manner during thework week and in a different manner on the weekend. The system alsoembodies security functionality. If the user loses or misplaces theportable communications device or it is stolen, the user may access aninterface on another portable device or on a desktop computer, usecredentials to gain secure access, and remotely disable or deletespecific tiles and functionality of the dynamic interface and of thedevice itself. These steps will permit the user to remotely preserveprivacy by protecting confidential information viewable on theinterface. Should the user later recover the device, the user may accessthe dynamic interface, enter secure credentials, and re-enablefunctionality earlier disabled as well as recover tiles madeinaccessible after the device was lost, misplaced, or stolen.

Turning now to FIG. 1, a system 100 for a dynamic interface is provided.The system 100 comprises a communications device 110, a dynamicinterface application 120, a service provider 130, a content provider140, and a network 150.

The communications device 110 may be a mobile telephone, personaldigital assistant (PDA), media player, personal digital television, orother device able to display a graphical user interface with thecapability to send, receive, and/or display interactive content. In anembodiment, the communications device 110 may also be a portablecomputer, laptop computer, desktop computer, or desktop telephone withthe necessary described display and interactive capabilities. In anembodiment, the communications device 110 is a mobile telephone depictedas the mobile device 102 in FIG. 4 and described later in detail. Thecommunications device 110 hosts the dynamic interface application 120.

The dynamic interface application 120 is executed on the communicationsdevice 110. The dynamic interface application 120 comprises a tilemanagement component 122 that maintains the order of the tiles in theinterface and attends to the addition and deletion of tiles to thedynamic interface. The terms pane and tile refer to the same componentand may be used interchangeably henceforth. The tile managementcomponent 122 receives and carries out instructions about thearrangement of tiles such that the tiles are presented in the desiredorder. In an embodiment, the tiles are arranged in a virtual carouselformat wherein the tiles are in the chosen sequence. In an embodiment,the tile from which the user begins would eventually “come back around”and be displayed again if the user continued to scroll right or leftlong enough. Whereas the organization of the viewable tiles is describedfor illustration purposes as being in a specific sequence and the tilesmoved as if in a “lazy susan” type of arrangement, in reality the tilescomprise software files stored in directories and called for display bythe dynamic interface application 120 by the use of pointers and otherwell known software methods.

The tile management component 122 maintains the order of the tiles inthe dynamic interface and receives and follows instructions regardingchanging the order of the tiles. Tiles, as viewed by a user, may movehorizontally from right to left or left to right pursuant to keystrokesor other entries made by the user in the graphical user interface of thedynamic interface application 120. In an embodiment, the dynamicinterface may actively house about fifteen total tiles that may beviewed in sequence. At any one time, tabs for about five of those aboutfifteen total tiles may be visible to the user at the bottom, along oneof the sides, or elsewhere in a limited section of the display of thecommunications device 110. Of the about five tabs displayed at any onetime, the full screen for one of the tabs is fully displayed for theuser to view and invoke objects on the screen that may represent runningapplications linked with active Internet connections receiving livefeeds of electronic content. Even tiles that are not the currentlyactive tile or do not even have their tabs displayed as one of the aboutfive presently visible in the screen may regularly receive feeds ofupdated electronic content. The tiles that are constantly refreshedremain current and available for the user to select and view at theuser's option. The about five tabs that are visible at a time aredisplayed in a tessellated or tiled fashion such that the borders ofeach of the about five tabs are contiguous with one another and thedisplayed tabs appear to be contiguously abreast of each other in a rowacross the bottom of, along the side of, or elsewhere in display of thecommunications device 110. In an embodiment, the tile actively displayedby the communications device 110 may correspond to the center or thirdof the about five displayed tabs.

The tile management component 122 also creates new tiles and importsexisting tiles or tile formats into the dynamic interface. The user ofthe communications device 110 may create tiles and configure activelinks to external sources of actively refreshing content from theInternet or other sources. The content is received by the communicationsdevice 110 and fed to the appropriate tile and selectable object withinthe tile via electronic feed using the really simple syndication (RSS)or other data feed format used to publish frequently updated content.The user may also import tiles created by outside content providers 140and the service provider 130. In an embodiment, the content contained intiles received from content providers 140 may or may not be modified bythe dynamic interface application 120. The newly created or importedtiles are placed in the dynamic interface in the order chosen by theuser and remain in the dynamic interface permanently or for a specificperiod of time chosen by the user. Content providers 140 on the Internetor elsewhere may make their content available in several electronicformats including a tile or pane format that may be readily downloadedand imported by communications devices 110 using the dynamic interfaceapplication 120. The availability and delivery of these tiles fromoutside sources may be affected by the type of service relationship andsubscription that the user of the communications device 110 has with itsservice provider 130 and by the technical capabilities of thecommunications device 110, the service provider 130, and contentproviders 140.

The tile management component 122 also archives and deletes tiles thatare not accessed for a predetermined time interval. In an embodiment,when a tile is not accessed for the specified time period, the tilemanagement component 122 may remove the tile from the currently viewablegroup of tiles in the dynamic interface and archive the tile wherein thetile may later be recovered at the option of the user. Tiles that arearchived may be bookmarked or indexed enabling a user to quickly locatea desired archived tile and place it back in the dynamic interface.Bookmarking of archived tiles may allow a user to catalog tiles by date,subject matter, or other category. Since tiles may contain embeddedlinks to Internet sites delivering electronic content, bookmarkingassists in tracking selected sites. As tiles may contain applicationsthat run on demand, bookmarking a tile may be similar to saving a linkto an application in a folder. The tile may also be permanently deletedby the user and not be recoverable.

The tile management component 122 may also enforce policies created inthe dynamic interface application 120 regarding limitations on the typesof tiles that may be created, imported, and viewed by a user of thecommunications device 110. Parents may wish to limit content viewable onthe communications device 110 by minor children and employers may wishto limit content that employees view on the communications devices 110provided to employees for business use. Parents, employers, or otherparties providing communications devices 110 may create specific usagepolicies, and the tile management component 122 enforces these policiesand may report attempts to circumvent or violate these policies back tothe sponsoring parent, employer, or other party.

In an embodiment, one of the tiles may be a home tile or starting tile.This tile may contain a selectable object that points to another tilethat itself contains selectable objects linked to actively receivedcontent from content providers 140. The selectable objects may alsocontain tools or other utilities or applications the user may wish toaccess. In an embodiment, selecting one of the selectable objects in thetile linked to the home or starting tile may link the user directly toone of the other tiles in the dynamic interface.

The dynamic interface application 120 may also comprise the interfacemanagement component 124 that changes the positions of tiles in thedynamic interface in accordance with single instance, event, seasonal,and profile specifications. Tiles may be created and imported for asingle use such as to remind the user of an appointment, engagement, orto provide material needed for a meeting. Tiles may also be created orimported to accompany a user's participation in a non-recurring event,such as a television show, music or cultural festival, or business orpolitical convention. The associated tile or tiles in the user's dynamicinterface may be dynamically refreshed to notify the user of imminentevents in the festival or convention or to provide schedule changes,announcements, pictures, video, blog entries, or any other dynamicallycreated and furnished content associated with the event. When the eventconcludes, the tiles associated with the event are configured toautomatically be deleted from the user's dynamic interface.

The interface management component 124 also inserts, manages, andremoves tiles related to seasonal activities in which the user isinterested. Tiles related to sport seasons, television series, andschool-year schedules are examples of these types of tiles. During thefootball season, for example, a user may have one or more tiles in theuser's dynamic interface that provide dynamically updated informationabout football scores, team standings, fantasy football leagueinformation, and player news and notes. Because the tiles and theobjects within the tiles may be configured as applications that areconstantly running, once the tile is created and properly configured,the information desired by the user is automatically received by thedynamic interface application 120 and populated into the appropriatetile for the user's viewing and possible interaction. When the seasonwith which the tile is associated ends, the interface managementcomponent 124 removes the tile from the dynamic interface for archivinguntil the beginning of the next season.

The interface management component 124 also manages profiles that a usermay create. A user may have a profile that calls for a certain set oftiles to be in the dynamic interface during the day, such as tilesrelated to stock prices and business activities. The user's employer maypopulate the user's communications device 110 with one or more tilescontaining information important to the user's daily work, such ascommodity prices or investment analyst reporting. In the evening theuser may wish to view a partially or totally different set of tiles thatinclude leisure-related subjects. They same type of profile arrangementmay also be used for a user's tiles displayed during the work week andon the weekend.

The dynamic interface application 120 also comprises the contentreceiving and management component 126 that takes delivery of electroniccontent received from external sources and directs the content to theappropriate tile and selectable object in the tile. The contentreceiving and management component 126 manages the active connections tocontent providers 140 maintained by each of the tiles configured forsuch connections. Observing content arriving from all sources, thecontent receiving and management component 126, when necessary, blocksobjectionable material, spam, advertising, and any other content notwanted by the user. The content receiving and management component 126may take directions from rules or policies in effect on thecommunications device 110 to enforce limitations on the type or quantityof content received, especially if a content provider 140 or serviceprovider 130 may be charging the user for an excessive volume of contentor for certain types of content transmitted. If content is not properlyreceived, is received in garbled or corrupt form, or detects thatcontent from an unauthorized source is being sent to the communicationsdevice 110, the content receiving and management component 126 mayreport problems to the user, the service provider 130, and/or thecontent provider 140.

The dynamic interface application 120 also comprises the device securitycomponent 128 that enforces any security features desired by the user.Should the communications device 110 be lost, stolen, or misplaced, theuser may invoke functionality from another communications device 110 byactivating a security component made available by the service provider130, entering secure credentials, confirming the identity of thecommunications device 110 that has been lost, stolen, or misplaced, andproviding instructions as to what steps need to be taken to hide ordelete certain confidential or personal tiles and perhaps disablecertain functionality of the underlying communications device 110. Thesecurity component operated by the service provider 130 contacts thedevice security component 128 with the appropriate instructions. In anembodiment, a user of a communications device 110 may use a friend'smobile telephone equipped with the necessary software interface or mayuse a web interface on a desktop computer to access the securitycomponent operated by the service provider 130 that authenticates theuser and forwards instructions on to the device security component 128.Taking these steps will allow the user to remotely secure thecommunications device 110 by blocking access to tiles containingconfidential information as well as underlying device functionality.When the user recovers the communications device 110, the user may entercredentials on the device or on an interface to clear the security lockand re-enable access to the confidential tiles and disabledfunctionality.

The service provider 130 is a mobile telephone service provider or otherentity that provides telephone communication, Internet connectivity, andother communications services to subscribers using communicationsdevices 110. The service provider 130 receives and forwards tocommunications devices 110 electronic content originated by contentproviders 140 and requested by communications devices 110. In anembodiment, the service provider 130 may operate certain hardware orsoftware such as special tile server functionality to either assistcommunications devices 110 in creating tiles or assist them in importingtiles or tile formatting media provided by content providers 140. Theservice provider 130 assists in forwarding the desired electroniccontent feeds to the communications devices 110 using the really simplesyndication or similar technology.

The service provider comprises a provider security component 132 that auser electronically accesses when a communications device 110 is lost,stolen, or misplaced. The provider security component 132 receives amessage from the user, authenticates the user, and contacts the devicesecurity component 128 of the communications device 110. The providersecurity component 132 then relays security instructions received fromthe user regarding the disabling or deleting of specific tiles and thedisabling of functionality to the device security component 128. Thedevice security component 128 resident on the communications device 110then locally carries out those instructions on the lost, stolen, ormisplaced communications device 110.

The content provider 140 is the originator of the electronic contentthat is provided to the communications devices 110. The content provider140 may be an Internet web site that provides the content at the requestof the communications device 110 in the amounts and at the frequencieschosen by the communications device 110 and under the conditions agreedto by the content provider 140 and the user of the communications device110. In an embodiment, the user of the communications device 110 maysubscribe to certain content periodically provided by the contentprovider 140. The content may be political commentary or news, sportsreporting, academic material, blog content, or private, customizedcontent contracted specifically by the user of the communications device110.

The content sent by the content provider 140 is received and passedthrough by the service provider 130 to the communications device 110.The content receiving and management component 126 of the dynamicinterface application 120 takes delivery of the electronic content,completes any screening or filtering, determines the tile and associatedselectable object within the tile to which the electronic content shouldbe sent, and inserts the content. The content receiving and managementcomponent 126 determines whether to replace existing content with newcontent or to add the new content and leave the existing content inplace.

In an embodiment, instead of transmitting just electronic content forplacement in an existing tile, the content provider 140 may provide allof the media needed for the dynamic interface application 120 to createa new tile using a tile template. The dynamic interface application 120may include tools that allow a user to draw on standard tile templatesand create a tile that accommodates electronic content provided by acontent provider 140. In an embodiment, the content provider 140 mayprovide a ready-made tile that requires no modification. In anembodiment, the service provider 130 may provide a tile or tile templatethat permits insertion of content received from a content provider 140.

The network 150 promotes communication between the components of thesystem 100. The network 150 may be any communication network including apublic data network (PDN), a public switched telephone network (PSTN), aprivate network, and/or a combination thereof.

Turning now to FIG. 2, a method 200 of refreshing a dynamic interface isprovided. Beginning at block 202, the dynamic interface application 120receives a first transmission of electronic media. The electronic mediais received per the request of the communications device 110 and itcomprises read-only media or interactive media that may be placed in oneor more of the tiles in the communications device 110. The tile containsembedded selectable objects that are applications that may beperpetually in a running state including maintaining active connectionswith content providers 140. When the user wants to view and/or interactwith the material in a tile, the user does not have to wait for the tileto initiate a connection with the content provider 140 and wait againfor the content provider 140 to return the requested information.

At block 204, the content receiving and management component 126determines that all or a portion of the received electronic mediaproperly belongs in at least one of the panes in the dynamic interface.The electronic media may contain identifying signals or coding thatmatches with a master list maintained by the content receiving andmanagement component 126 such that the content may be identified asproperly belonging in a specific tile. The correct tile for the receivedcontent is determined and the selectable object within the tile withwhich the electronic content is to be associated is also determined. Atblock 206, the dynamic interface application 120 inserts the electroniccontent into the pane and associates the content with the properselectable object associated with the content.

At block 208, the dynamic interface application 120 receives a secondtransmission of electronic content. As with block 204, the contentreceiving and management component 126 first determines that the contentshould be accepted by the communications device 110 at all and thensearches for the correct tile to which the content should be directed.In an embodiment, two separate deliveries of electronic content receivedfrom the same content provider 140 may properly be directed to differenttiles because the specific electronic content in the two deliveriesdiffers. In another embodiment, content from two separate contentproviders 140 may at first appear to belong in the same tile. In bothembodiments, the content receiving and management component 126 mustmake an initial determination of whether to accept the transmissionfollowed by a determination of the correct tile to which the electroniccontent should be directed.

At block 210, the content receiving and management component 126determines that the media received in the second transmission properlybelongs in the same tile and associated with the same selectable objectwithin the tile as the tile and selectable object to which theelectronic content received in the first transmission was directed. Atblock 212, the content receiving and management component 126 insertsthe electronic content received in the second transmission into the sametile and selectable object as it inserted the electronic contentreceived in the first transmission. The content receiving and managementcomponent 126 must make a determination whether to replace the contentfrom the first transmission with the content from the secondtransmission or to instead add the content from the second transmissionso that the content from the first transmission is not deleted oroverwritten and instead remains accessible. Rules accompanying thespecific tile will aid the content receiving and management component126 in making this determination.

Turning now to FIG. 3, a method 300 of enforcing security andconfidentiality on a communications device 110 using a dynamic interfaceapplication 120 is provided. At block 302, the provider securitycomponent 132 of the service provider 130 receives a first message thatthe security of the communications device 110 has been compromised. Inan embodiment, the user of the communications device 110 may have lostor misplaced the communications device 110 or it may have been stolen.The user may invoke a security interface on another's mobile telephone,for example, on the mobile phone of a friend, a relative, or acolleague, or may access a security interface on a web interface on adesktop, laptop, or portable computer. The user is placed in contactwith the provider security component 132 that at block 304 processescredentials received in the first message and authenticates the user andthe first message. The user may then enter instructions that theprovider security component 132 will process at block 306 and forward atblock 308 to the device security component 128 directing the devicesecurity component 128 to hide or delete specific tiles and disablefunctionality of the dynamic interface application 120 and of theunderlying communications device 110.

Assuming the communications device 110 is powered on, the providersecurity component 132 will at block 308 pass on instructions to thedevice security component 128 and the instructions will be carried out.If the communications device 110 is not currently powered on, theinstructions related to the processing of the first message may be savedby the provider security component 132 and forwarded on to thecommunications device 110 when the communications device 110 is nextpowered on.

At block 310, the device security component 128 begins processing theinstructions contained in the first message. The instructions list thepanes in the dynamic interface to either immediately hide or outrightdelete functionality of the dynamic interface application 120 andcommunications device 110 to disable. At blocks 310 and 312, the devicesecurity component 128 carries out these instructions. A party thatattempts to access services on the communications device 110, includingviewing the tiles and selectable objects in the tiles, will not be ableto view the tiles earlier marked confidential by the user and will notbe able to use functionality disabled by the user. These hidden tilesand the disabled functionality will remain unavailable until thecommunications device 110 is recovered and the user elects to restorethe hidden tiles and disabled functionality.

At block 314, the provider security component 132 receives a secondmessage indicating that the security of the communications device 110 isno longer compromised. In an embodiment, the message is received becausethe user has recovered the lost, misplaced, or stolen communicationsdevice 110 and wishes to restore hidden tiles and disabledfunctionality. After examining the credentials received in the secondmessage and authenticating the identity of the user, the providersecurity component 132 notifies the device security component 128 atblock 314 to restore the hidden tiles and enable the previously disabledfunctionality. The device security component 128 carries out theseinstructions at block 316. The user is then able to fully use thecommunications device 110 and the dynamic interface application 120.

FIG. 4 shows a wireless communications system including the mobiledevice 102. In an embodiment, the mobile device 102 is equivalent to thecommunications device 110. FIG. 4 depicts the mobile device 102, whichis operable for implementing aspects of the present disclosure, but thepresent disclosure should not be limited to these implementations.Though illustrated as a mobile phone, the mobile device 102 may takevarious forms including a wireless handset, a pager, a personal digitalassistant (PDA), a gaming device, an inventory control device, a mediaplayer, a digital camera, a digital calculator, a portable computer, atablet computer, a laptop computer, and/or other. Many suitable handsetscombine some or all of these functions. In some embodiments of thepresent disclosure, the mobile device 102 is not a general purposecomputing device like a portable, laptop or tablet computer, but ratheris a special-purpose communications device such as a mobile phone,wireless handset, pager, or PDA. The mobile device 102 may supportspecialized activities such as gaming, inventory control, job control,and/or task management functions, and so on.

The mobile device 102 includes a display 402 and a touch-sensitivesurface or keys 404 for input by a user. The mobile device 102 maypresent options for the user to select, controls for the user toactuate, and/or cursors or other indicators for the user to direct. Themobile device 102 may further accept data entry from the user, includingnumbers to dial or various parameter values for configuring theoperation of the handset. The mobile device 102 may further execute oneor more software or firmware applications in response to user commands.These applications may configure the mobile device 102 to performvarious customized functions in response to user interaction.Additionally, the mobile device 102 may be programmed and/or configuredover-the-air, for example from a wireless base station, a wirelessaccess point, or a peer mobile device 102.

The mobile device 102 may execute a web browser application whichenables the display 402 to show a web page. The web page may be obtainedvia wireless communications with a base transceiver station (BTS) 406, awireless network access node, a peer mobile device 102 or any otherwireless communication network or system. While a single basetransceiver station 406 is illustrated, it is understood that thewireless communication system may comprise additional base transceiverstations. In some instances, the mobile device 102 may be incommunication with multiple base transceiver stations 406 at the sametime. The base transceiver station 406 (or wireless network access node)is coupled to a wired network 408, such as the Internet. Via thewireless link and the wired network, the mobile device 102 has access toinformation on various servers, such as a server 410. The server 410 mayprovide content that may be shown on the display 402. Alternately, themobile device 102 may access the base transceiver station 406 through apeer mobile device 102 acting as an intermediary, in a relay type or hoptype of connection.

FIG. 5 shows a block diagram of the mobile device 102. While a varietyof known components of handsets 102 are depicted, in an embodiment asubset of the listed components and/or additional components not listedmay be included in the mobile device 102. The mobile device 102 includesa digital signal processor (DSP) 502 and a memory 504. As shown, themobile device 102 may further include an antenna and front end unit 506,a radio frequency (RF) transceiver 508, an analog baseband processingunit 510, a microphone 512, an earpiece speaker 514, a headset port 516,an input/output interface 518, a removable memory card 520, a universalserial bus (USB) port 522, an infrared port 524, a vibrator 526, akeypad 528, a touch screen liquid crystal display (LCD) with a touchsensitive surface 530, a touch screen/LCD controller 532, acharge-coupled device (CCD) camera 534, a camera controller 536, and aglobal positioning system (GPS) sensor 538. In an embodiment, the mobiledevice 102 may include another kind of display that does not provide atouch sensitive screen. In an embodiment, the DSP 502 may communicatedirectly with the memory 504 without passing through the input/outputinterface 518.

The DSP 502 or some other form of controller or central processing unitoperates to control the various components of the mobile device 102 inaccordance with embedded software or firmware stored in memory 504 orstored in memory contained within the DSP 502 itself. In addition to theembedded software or firmware, the DSP 502 may execute otherapplications stored in the memory 504 or made available via informationcarrier media such as portable data storage media like the removablememory card 520 or via wired or wireless network communications. Theapplication software may comprise a compiled set of machine-readableinstructions that configure the DSP 502 to provide the desiredfunctionality, or the application software may be high-level softwareinstructions to be processed by an interpreter or compiler to indirectlyconfigure the DSP 502.

The antenna and front end unit 506 may be provided to convert betweenwireless signals and electrical signals, enabling the mobile device 102to send and receive information from a radio access network (RAN) orsome other available wireless communications network or from a peermobile device 102. In an embodiment, the antenna and front end unit 506may include multiple antennas to support beam forming and/or multipleinput multiple output (MIMO) operations. As is known to those skilled inthe art, MIMO operations may provide spatial diversity which can be usedto overcome difficult channel conditions and/or increase channelthroughput. The antenna and front end unit 506 may include antennatuning and/or impedance matching components, RF power amplifiers, and/orlow noise amplifiers.

The RF transceiver 508 provides frequency shifting, converting receivedRF signals to baseband and converting baseband transmit signals to RF.In some descriptions a radio transceiver or RF transceiver may beunderstood to include other signal processing functionality such asmodulation/demodulation, coding/decoding, interleaving/deinterleaving,spreading/despreading, inverse fast Fourier transforming (IFFT)/fastFourier transforming (FFT), cyclic prefix appending/removal, and othersignal processing functions. For the purposes of clarity, thedescription here separates the description of this signal processingfrom the RF and/or radio stage and conceptually allocates that signalprocessing to the analog baseband processing unit 510 and/or the DSP 502or other central processing unit. In some embodiments, the RFtransceiver 508, portions of the antenna and front end 506, and theanalog baseband processing unit 510 may be combined in one or moreprocessing units and/or application specific integrated circuits(ASICs).

The analog baseband processing unit 510 may provide various analogprocessing of inputs and outputs, for example analog processing ofinputs from the microphone 512 and the headset port 516 and outputs tothe earpiece speaker 514 and the headset port 516. To that end, theanalog baseband processing unit 510 may have ports for connecting to thebuilt-in microphone 512 and the earpiece speaker 514 that enable themobile device 102 to be used as a mobile phone. The analog basebandprocessing unit 510 may further include a port for connecting to aheadset or other hands-free microphone and speaker configuration. Theanalog baseband processing unit 510 may provide digital-to-analogconversion in one signal direction and analog-to-digital conversion inthe opposing signal direction. In some embodiments, at least some of thefunctionality of the analog baseband processing unit 510 may be providedby digital processing components, for example by the DSP 502 or by othercentral processing units.

The DSP 502 may perform modulation/demodulation, coding/decoding,interleaving/deinterleaving, spreading/despreading, inverse fast Fouriertransforming (IFFT)/fast Fourier transforming (FFT), cyclic prefixappending/removal, and other signal processing functions associated withwireless communications. In an embodiment, for example in a codedivision multiple access (CDMA) technology application, for atransmitter function the DSP 502 may perform modulation, coding,interleaving, and spreading, and for a receiver function the DSP 502 mayperform despreading, deinterleaving, decoding, and demodulation. Inanother embodiment, for example in an orthogonal frequency divisionmultiplex access (OFDMA) technology application, for the transmitterfunction the DSP 502 may perform modulation, coding, interleaving,inverse fast Fourier transforming, and cyclic prefix appending, and fora receiver function the DSP 502 may perform cyclic prefix removal, fastFourier transforming, deinterleaving, decoding, and demodulation. Inother wireless technology applications, yet other signal processingfunctions and combinations of signal processing functions may beperformed by the DSP 502.

The DSP 502 may communicate with a wireless network via the analogbaseband processing unit 510. In some embodiments, the communication mayprovide Internet connectivity, enabling a user to gain access to contenton the Internet and to send and receive e-mail or text messages. Theinput/output interface 518 interconnects the DSP 502 and variousmemories and interfaces. The memory 504 and the removable memory card520 may provide software and data to configure the operation of the DSP502. Among the interfaces may be the USB port 522 and the infrared port524. The USB port 522 may enable the mobile device 102 to function as aperipheral device to exchange information with a personal computer orother computer system. The infrared port 524 and other optional portssuch as a Bluetooth interface or an IEEE 802.11 compliant wirelessinterface may enable the mobile device 102 to communicate wirelesslywith other nearby handsets and/or wireless base stations.

The input/output interface 518 may further connect the DSP 502 to thevibrator 526 that, when triggered, causes the mobile device 102 tovibrate. The vibrator 526 may serve as a mechanism for silently alertingthe user to any of various events such as an incoming call, a new textmessage, and an appointment reminder.

The keypad 528 couples to the DSP 502 via the input/output interface 518to provide one mechanism for the user to make selections, enterinformation, and otherwise provide input to the mobile device 102.Another input mechanism may be the touch screen LCD 530, which may alsodisplay text and/or graphics to the user. The touch screen LCDcontroller 532 couples the DSP 502 to the touch screen LCD 530.

The CCD camera 534 enables the mobile device 102 to take digitalpictures. The DSP 502 communicates with the CCD camera 534 via thecamera controller 536. The GPS sensor 538 is coupled to the DSP 502 todecode global positioning system signals, thereby enabling the mobiledevice 102 to determine its position. In another embodiment, a cameraoperating according to a technology other than charge coupled devicecameras may be employed. Various other peripherals may also be includedto provide additional functions, e.g., radio and television reception.

FIG. 6 illustrates a software environment 602 that may be implemented bythe DSP 502. The DSP 502 executes operating system drivers 604 thatprovide a platform from which the rest of the software operates. Theoperating system drivers 604 provide drivers for the handset hardwarewith standardized interfaces that are accessible to applicationsoftware. The operating system drivers 604 include applicationmanagement services (“AMS”) 606 that transfer control betweenapplications running on the mobile device 102. Also shown in FIG. 6 area web browser application 608, a media player application 610, and JAVAapplets 612. The web browser application 608 configures the mobiledevice 102 to operate as a web browser, allowing a user to enterinformation into forms and select links to retrieve and view web pages.The media player application 610 configures the mobile device 102 toretrieve and play audio or audiovisual media. The JAVA applets 612configure the mobile device 102 to provide games, utilities, and otherfunctionality. The dynamic interface 614 corresponds to the dynamicinterface application 120 described in the system 100.

Some aspects of the system described above may be implemented on anygeneral-purpose computer with sufficient processing power, memoryresources, and network throughput capability to handle the necessaryworkload placed upon it. FIG. 7 illustrates a typical, general-purposecomputer system suitable for implementing one or more embodimentsdisclosed herein. The computer system 380 includes a processor 382(which may be referred to as a central processor unit or CPU) that is incommunication with memory devices including secondary storage 384, readonly memory (ROM) 386, random access memory (RAM) 388, input/output(I/O) devices 390, and network connectivity devices 392. The processormay be implemented as one or more CPU chips.

The secondary storage 384 is typically comprised of one or more diskdrives or tape drives and is used for non-volatile storage of data andas an over-flow data storage device if RAM 388 is not large enough tohold all working data. Secondary storage 384 may be used to storeprograms which are loaded into RAM 388 when such programs are selectedfor execution. The ROM 386 is used to store instructions and perhapsdata which are read during program execution. ROM 386 is a non-volatilememory device which typically has a small memory capacity relative tothe larger memory capacity of secondary storage. The RAM 388 is used tostore volatile data and perhaps to store instructions. Access to bothROM 386 and RAM 388 is typically faster than to secondary storage 384.

I/O devices 390 may include printers, video monitors, liquid crystaldisplays (LCDs), touch screen displays, keyboards, keypads, switches,dials, mice, track balls, voice recognizers, card readers, paper tapereaders, or other well-known input devices.

The network connectivity devices 392 may take the form of modems, modembanks, Ethernet cards, universal serial bus (USB) interface cards,serial interfaces, token ring cards, fiber distributed data interface(FDDI) cards, wireless local area network (WLAN) cards, radiotransceiver cards such as code division multiple access (CDMA), globalsystem for mobile communications (GSM), and/or worldwideinteroperability for microwave access (WiMAX) radio transceiver cards,and other well-known network devices. These network connectivity devices392 may enable the processor 382 to communicate with an Internet or oneor more intranets. With such a network connection, it is contemplatedthat the processor 382 might receive information from the network, ormight output information to the network in the course of performing theabove-described method steps. Such information, which is oftenrepresented as a sequence of instructions to be executed using processor382, may be received from and outputted to the network, for example, inthe form of a computer data signal embodied in a carrier wave.

Such information, which may include data or instructions to be executedusing processor 382 for example, may be received from and outputted tothe network, for example, in the form of a computer data baseband signalor signal embodied in a carrier wave. The baseband signal or signalembodied in the carrier wave generated by the network connectivitydevices 392 may propagate in or on the surface of electrical conductors,in coaxial cables, in waveguides, in optical media, for example opticalfiber, or in the air or free space. The information contained in thebaseband signal or signal embedded in the carrier wave may be orderedaccording to different sequences, as may be desirable for eitherprocessing or generating the information or transmitting or receivingthe information. The baseband signal or signal embedded in the carrierwave, or other types of signals currently used or hereafter developed,referred to herein as the transmission medium, may be generatedaccording to several methods well known to one skilled in the art.

The processor 382 executes instructions, codes, computer programs,scripts which it accesses from hard disk, floppy disk, optical disk(these various disk based systems may all be considered secondarystorage 384), ROM 386, RAM 388, or the network connectivity devices 392.While only one processor 382 is shown, multiple processors may bepresent. Thus, while instructions may be discussed as executed by aprocessor, the instructions may be executed simultaneously, serially, orotherwise executed by one or multiple processors.

While several embodiments have been provided in the present disclosure,it should be understood that the disclosed systems and methods may beembodied in many other specific forms without departing from the spiritor scope of the present disclosure. The present examples are to beconsidered as illustrative and not restrictive, and the intention is notto be limited to the details given herein. For example, the variouselements or components may be combined or integrated in another systemor certain features may be omitted or not implemented.

Also, techniques, systems, subsystems, and methods described andillustrated in the various embodiments as discrete or separate may becombined or integrated with other systems, modules, techniques, ormethods without departing from the scope of the present disclosure.Other items shown or discussed as directly coupled or communicating witheach other may be indirectly coupled or communicating through someinterface, device, or intermediate component, whether electrically,mechanically, or otherwise. Other examples of changes, substitutions,and alterations are ascertainable by one skilled in the art and could bemade without departing from the spirit and scope disclosed herein.

1. A method of enforcing security and confidentiality on acommunications device using a dynamic interface application, comprising:receiving, by a provider security component stored on a non-transitorycomputer readable medium and executable by a processor, a first messageindicating that the security of the communications device has beencompromised, wherein the first message is generated in response to thesecurity of the communications device being compromised, and wherein thefirst message identifies panes of the dynamic interface application tobe marked confidential, and selected functionality of the dynamicinterface application and underlying communications functionality to bedisabled; authenticating, by the provider security component, the firstmessage; processing, by the provider security component, firstinstructions contained in the first message to safeguard contentassociated with the panes of the dynamic interface application to bemarked confidential; sending, by the provider security component, secondinstructions based on the first instructions to a device securitycomponent executing on the communications device to render inaccessiblethe panes of the dynamic interface application marked confidential bydeleting or temporarily disabling access to the panes markedconfidential and to disable the selected functionality of the dynamicinterface application and the underlying communications functionality ofthe communications device until receiving further instruction, whereinthe second instructions list the panes marked confidential that are tobe rendered inaccessible, and the selected functionality of the dynamicinterface application and the underlying communications functionality tobe disabled; rendering inaccessible, by the device security component,the panes marked confidential by one of deleting and temporarilydisabling access to the panes marked confidential pursuant to the secondinstructions; disabling, by the device security component, the selectedfunctionality of the dynamic interface application and the underlyingcommunications functionality of the communications device untilreceiving further instruction pursuant to the second instructions;receiving, by the provider security component, a second messageindicating that the security of the communications device is no longercompromised; sending, by the provider security component, thirdinstructions to the device security component to enable previouslydisabled functionality and restore the panes previously disabledpursuant to the second instructions; and enabling, by the devicesecurity component, previously disabled functionality and restoringpreviously disabled panes pursuant to the third instructions.
 2. Themethod of claim 1, wherein the method is invoked when the communicationsdevice is one of misplaced, lost, and stolen.
 3. The method of claim 1,wherein the method is invoked remotely from a device other than thecommunications device, and wherein the device is one of a mobiletelephone and a web interface on one of a desktop, laptop, and handheldcomputer.
 4. The method of claim 1, wherein the method is invoked byentering secure credentials and providing the first instructionsregarding the services to be disabled and the panes to be madeinaccessible.
 5. The method of claim 1, wherein the renderinginaccessible of selected panes and disabling of selected functionalityis reversed by entering secure credentials.
 6. A method of enforcingsecurity and confidentiality on a communications device using a dynamicinterface application, comprising: receiving, by a provider securitycomponent stored on a non-transitory computer readable medium andexecutable by a processor, a first message indicating that the securityof the communications device has been compromised, wherein the firstmessage is generated in response to the security of the communicationsdevice being compromised, and wherein the first message identifies panesof the dynamic interface application to be marked confidential, andselected functionality of the dynamic interface application andunderlying communications functionality to be disabled; authenticating,by the provider security component, the first message; processing, bythe provider security component, first instructions contained in thefirst message to safeguard content associated with the panes of thedynamic interface application to be marked confidential; sending, by theprovider security component, the first instructions to a device securitycomponent executing on the communications device to render inaccessiblethe panes of the dynamic interface application marked confidential bydeleting or temporarily disabling access to marked panes and to disablethe selected functionality of the dynamic interface application and theunderlying communications functionality of the communications deviceuntil receiving further instruction; receiving, by the provider securitycomponent, a second message indicating that the security of thecommunications device is no longer compromised; and sending, by theprovider security component, second instructions to the device securitycomponent to enable previously disabled functionality and restore panespreviously disabled pursuant to the first instructions.
 7. The method ofclaim 6, wherein the security of the communications device is indicatedto have been compromised when the communications device is misplaced,lost, or stolen.
 8. The method of claim 6, wherein the method is invokedremotely from a device other than the communications device, and whereinthe device is one of a mobile telephone and a web interface on one of adesktop, laptop, and handheld computer.
 9. The method of claim 6,further comprising receiving secure credentials and the firstinstructions regarding the services to be disabled and the panes to bemade inaccessible entered remotely from a device other than thecommunications device, wherein the device is one of a mobile telephoneand a web interface on one of a desktop, laptop, and handheld computer.10. The method of claim 6, wherein the second message comprisescredentials, and wherein the credentials are entered remotely by a userusing a device other than the communications device, wherein the deviceis one of a mobile telephone and a web interface on one of a desktop,laptop, and handheld computer.
 11. The method of claim 10, furthercomprising: examining, by the provider security component, thecredentials prior to sending the second instructions to the devicesecurity component; and authenticating, by the provider securitycomponent, an identity of the user prior to sending the secondinstructions to the device security component.
 12. The method of claim6, further comprising: saving, by the provider security component, thefirst instructions when the communications device is not powered on; andsending, by the provider security component, the first instructions tothe device security component when the communications device is nextpowered on.
 13. A method of enforcing security and confidentiality on acommunications device using a dynamic interface application, comprising:receiving, by a provider security component stored on a non-transitorycomputer readable medium and executable by a processor, a first messageindicating that the security of the communications device has beencompromised, wherein the first message is generated in response to thesecurity of the communications device being compromised, and wherein thefirst message identifies panes of the dynamic interface application tobe marked confidential, and selected functionality of the dynamicinterface application and underlying communications functionality to bedisabled; processing, by the provider security component, firstinstructions contained in the first message to safeguard contentassociated with the panes of the dynamic interface application to bemarked confidential; sending, by the provider security component, secondinstructions based on the first instructions to a device securitycomponent executing on the communications device to render inaccessiblethe panes of the dynamic interface application marked confidential bydeleting or temporarily disabling access to the panes markedconfidential and to disable the selected functionality of the dynamicinterface application and the underlying communications functionality ofthe communications device until receiving further instruction, whereinthe second instructions list the panes marked confidential that are tobe rendered inaccessible, and the selected functionality of the dynamicinterface application and the underlying communications functionality tobe disabled; receiving, by a device security component executing on thecommunications device, the second instructions; carrying out, by thedevice security component, the second instructions; receiving, by thedevice security component, third instructions to enable previouslydisabled functionality and restore panes previously disabled pursuant tothe second instructions in response to an indication that the securityof the communications device is no longer compromised; and carrying out,by the device security component, the third instructions.
 14. The methodof claim 13, wherein carrying out the second instructions comprises:rendering inaccessible, by the device security component, the panesmarked confidential by one of deleting and temporarily disabling accessto marked panes pursuant to the second instructions; and disabling, bythe device security component, the selected functionality of the dynamicinterface application and the underlying communications functionality ofthe communications device until receiving further instruction pursuantto the second instructions.
 15. The method of claim 13, wherein carryingout the third instructions comprises enabling, by the device securitycomponent, previously disabled functionality and restoring previouslydisabled panes pursuant to the third instructions.
 16. The method ofclaim 13, wherein the security of the communications device is indicatedto have been compromised when the communications device is misplaced,lost, or stolen.